From the Microsoft Dev Center, your Publisher ID is...

the string that uniquely identifies your Windows Store developer account in your packages. The publisher ID is assigned by Microsoft, and you can't change it.

This is likely to appear in a lot of Open Source repositories for Windows 8 because it is listed in the identity element of the Package.appxmanifest file which is required in order to build your project.

A search of extension:appxmanifest on GitHub reveals almost 5,000 files with this info since the appxmanifest is not on the default gitignore.

Here's GitHub's Help Page on Removing Sensitive Data, but I'm wondering if there's a reason to be worried about it in the first place.

Q: Is there a security reason why this should remain private?

Q: Is there a security reason why this should remain private?

I will not say that this is because of the 100% security reason. But there are other factors as well. As this Publisher ID which you have obtained from your developer account at the Store will help you create a certificate with a Publisher ID of your choice. You can also create a password.

Publisher ID helps you in signing an app package

If you either create a package for the Windows Store or associate your app with it, the Publisher attribute is set to the Publisher ID that’s obtained from your developer account at the Store when you sign in during package creation.

So it is your publisher ID which is actually identifying you. So its better to keep it secure.(It is very similar to take it like you will not like to give your bank account details to anyone except the bank ;-))

So if your publisher ID is not secure or is public then you may loose that choice.

Check this To create or use an alternate certificate